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THE CLAIMS AS HEREIN AMENDED 

1. (canceled) 

2. (canceled) 

3. (canceled) 

4. (currently amended) A method of conducting electronic credit card 
transactions so as to guard against fraud, comprising the following steps: 

using a computer program mandated by a credit card issuer, aft 
i nt e rn e t brows e r a user of a credit card issued by the a credit card issuer (a) 
initiates a proposed credit card transaction with a third party vendor by 
accessing via said third party vendor a party authorized by said credit card 
issuer to validate credit card transactions , and (b) transmits and transm i tt i ng 
to said authorized party cred i t card non-encrypted information concerning 
the user and an encrypted personal identification number that comprises in 
encrypted form a date/time stamp and certain information identifying said 
user identify i ng sa i d us e r a nd an e ncrypt e d d a t e /t i m e stamp repr e s e nt i ng th e 
curr e nt tr a nsact i on tim e ; 

said authorized party receives said encrypted personal identification 
number dat e /t i m e stamp and said non-encrypted oth e r cr e dit card 
information and decrypts said encrypted personal identification number to 
derive said date/time stamp and said certain information identifying said user 
stamp to der i v e th e current transaction t i m o as represented by said 
d e crypt e d dat o /t i me stamp ; 

said authorized party (1) compares said cred i t card non-encrypted and 
decrypted information with previously recorded user information to verify that 
the user initiating the proposed transaction is an authorized user and (2) also 
compares the current transaction time represented by said decrypted 
date/time stamp with the time of its receipt of said encrypted date/time stamp 
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and determines if the difference, if any, between said times is within a 
predetermined time limit; and 

depending on the determination made in the foregoing step, the 
authorized party communicates to said third party vendor either a validation 
or rejection of the proposed transaction. 

5. (canceled) 

6. (canceled) 

7. (canceled) 

8. (canceled) 

9. (canceled) 

10. (canceled) 

1 1 . (currently amended) A method for authorizing an electronic business 
transaction by an authorized user, comprising the steps of: 

(a) storing information about authorized users , i ncluding pre set 
pub li c k o y numb e rs and privat e k o y numbers for e ach author i z e d usor, in a 
validating system , and prov i d i ng sa i d public and pr i vate key numb e rs to sa i d 
authoriz e d us o rs for us o i n i nitiating and completing o l o otronic transactions ; 

(b) receiving in the validating system for verification an encrypted 
time-limited personal identification number eode which is transmitted in 
connection with a proposed electronic business transaction at the request of 
a person who may or may not be an authorized user, said encrypted 
personal identification number oode-com prising an encrypted date/time 
stamp r o pr o sont i ng tho time that tho proposed ol o ctronio business 
transact i on was i nit i at e d by said person, and certain encrypted user- 
identifying information a pub l ic k o y numb o r and a pr i vat e koy number ; 

(c) decrypting said received encrypted personal identification 
number code to retrieve said date/time stamp and said certain encrypted 
user-identifvina information , sa i d public koy numb e r and sa i d pr i vate key 
numb e r ; 



VASIL-1 



4 

(d) comparing said decrypted certain user-identifying information 
with the authorized user information d e crypted pub li c and pr i vat e k e y 
numb e rs w i th the pro so t uniqu e public and private k o y numbers stored in 
said validating system to verify that said decrypted certain user-identifying 
information is valid that th e y ar e val i d , and rejecting the proposed 
transaction if said decrypted certain user-identifying information is said 
d e crypt e d publ i c and pr i vat e k e y numb e rs ar e not valid; and 

(d) if said decrypted certain user-identifying information is &a\4 
d e crypt e d pub l ic and pr i vat e k e y numb e rs ar e verified as valid, (1 ) 
determining from said decrypted time stamp if the age of the proposed 
transaction is within a predetermined time limit reguired for validating the 
transaction compar i ng th e tim e r e pr e s e nt e d by s ai d decrypted date/time 
st a mp w i th th e t i m e of r e c ei pt of sa i d transm i tted e ncrypt e d cod e by sa i d 
v ali dat i ng syst e m , and (2) rejecting the proposed transaction if the age of the 
proposed transaction is not within said th o r o i s a d i ff o ronco b o twe o n th o tim o 
repr e sent e d by said decrypt e d dat o /timo stamp and said t i mo of roco i pt, and 
that d i ff e r e nc e exc ee ds a predetermined time limit. 

12. (currently amended) The method of claim 1 1 wherein said electronic 
transaction is a credit card transaction, and said certain user-identifying 
information comprises pub li c k e y numb e r i s a credit card account 
designation. 

13. (currently presented) The method of claim 1 1 wherein said encrypted 
code received by said validating system is transmitted to said validating 
system via a third party vendor, and further wherein rejection or authorization 
of said proposed transaction is communicated by said validating system to 
said vendor. 

14. (canceled) 



VASIL-1 



5 



15. (canceled) 

16. (currently amended) The method of claim 1 1 wherein said 
encrypted personal identification number code includes a public key and a 
private key an encrypted PIN . 

17. (canceled) 

18. (canceled) 

19. (canceled) 

20. (currently amended) A method of limiting the amount of time 
information pertaining to a credit card issued by a credit card issuer is valid 
for use in support of an electronic transaction with a vendor comprising the 
following steps: 

A. a credit card user records credit card information required by 
the vendor via an i nt o rnot brows e r , including credit card number, credit card 
expiration date, and the name of the credit card user; 

B. said user uses a computer program provided by the credit card 
issuer or a party acting on behalf of said credit card issuer to provide 
generates a date/time stamp representing the current date and time and to 
generate an encrypted personal identification number that comprises 
e ncrypts said date/time stamp and at least some of said recorded credit card 
information; 

C. said encrypted personal identification number is dat e /tim e 
stamp and s ai d e ncrypt e d cr e dit card i nformation ar e transmitted from said 
credit card user via said vendor to a party authorized by the credit card issuer 
to validate proposed credit card transactions; 

D. said party authorized by said credit card issuer to validate 
proposed credit card transactions conducts a validation process that 
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comprises: (1) decrypting said encrypted personal identification number to 
retrieve said date/time stamp and said at least some recorded date/time 
stamp and sa i d e ncrypt e d credit card information, (2) determining from said 
decrypted date/time stamp if the age of the proposed transaction as 
r e pr e s e nt e d by th e t i me of th e d e crypt e d stamp is within a predetermined 
time limit required for validating the transaction, (3) comparing said decrypted 
credit card information with previously recorded credit card user information 
to verify that the party initiating the proposed credit card transaction is an 
authorized credit card user, and (4) depending on the determinations made 
in foregoing steps (D)(2) and (D)(3), communicating either a validation or 
rejection of the proposed transaction to the third party vendor and/or the 
party who initiated the proposed credit card transaction. 

21. (canceled) 

22. (previously presented) A method according to claim 20 wherein 
step B includes encryption of said credit card number. 

23. (currently amended) A method for conducting credit card 
transactions so as to guard against fraud, said method comprising steps as 
follows: 

(a) a credit card user who proposes to carry out a credit card 
transaction with a third party vendor initiates the transaction by accessing a 
computer program supplied by the credit card issuer or a party acting on 
behalf of said credit card issuer that is constructed so as to (1 ) obtain a 
date/time stamp from a time source and (2) generate a time-limited personal 
identification number for the credit card user by encrypting encrypt said 
date/time stamp and certain required credit card information identifying the a 
credit card user; 
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(b) said credit card user supplies said certain required credit card 
information to said computer program and said computer program (a) obtains 
a date/time stamp i n r e spons e to sa i d c e rta i n cr e d i t card i nformat i on and (b) 
generates a n e ncrypt e d a personal identification number oede comprising 
said date/time stamp and said certain required credit card information in 
encrypted form; 

(c) said encrypt e d personal identification gg4b~ number comprising 
said date/time stamp and said certain required credit card information in 
encrypted form is transmitted via said third party vendor to a validating 
system authorized to validate credit card transactions on behalf of said credit 
card issuer; 

(d) said validating system decrypts said e ncrypt e d personal 
identification code to derive the curr e nt transaction time as represented by 
said the decrypted date/time stamp and also said certain required credit card 
information i n d e crypted form ; 

(e) said validating system (1 ) compares said decrypted certain 
required credit card information with previously recorded user information to 
verify that the user initiating the proposed transaction is an authorized credit 
card user and (2) also compares the current transaction time represented by 
said decrypted date/time stamp with the time of its receipt and determines if 
the difference, if any, between said times is within a predetermined time limit; 
and 

(f) depending on the determinations made in foregoing steps 
(e)(1) and (e)(2), the validating system communicates either a validation or 
rejection of the proposed transaction to the third party vendor and/or the 
party who initiated the proposed credit card transaction. 

24. (previously presented) A method according to claim 23 wherein 
said certain required information includes a credit card number and/or a 
private key number. 
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25. (currently amended) A method according to claim 23 wherein 
said computer program is installed on th e cr e d i t card us e r's a computer 
containing a browser, and step (c) is conducted via the internet using said 
browser. 

26. (previously presented) A method according to claim 23 wherein 
said computer program is installed on a remote server and is accessed by 
said credit card user. 

27. (currently amended) A method for conducting electronic 
transactions so as to guard against fraud, said method comprising steps as 
follows: 

(a) an entity who wishes to carry out an electronic transaction with 
a bank initiates the transaction by accessing a computer program supplied by 
said bank that is constructed so as to (1 ) obtain and e ncrypt a date/time 
stamp in response to certain required information about the entity proposing 
to carry out the electronic transaction, and (2) generate a time-limited 
personal identification number (an "ePIN" ) by encrypting said date/time 
stamp and said certain required information, said certain required information 
including at least an account number and or a private personal identification 
number representing said entity; 

(b) said entity supplies said certain required information to said 
computer program and in response said computer program gonorat e s 
obtains a date/time stamp and e ncrypts from a time source and generates 
an ePIN comprising said date/time stamp and said supplied certain required 
information; 

(c) said ePIN is encrypted dat o /t i m o stamp and o a id o ncryptod 
c e rtain r e qu i red i nformation ar e transmitted to and received by said bank or a 
validating party representing said bank; 
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(d) said receiving bank or validating party decrypts said received 
ePIN to derive said e ncrypt e d date/time stamp and said supplied rec ei v e d 
encrypt e d certain required information; 

(e) said receiving bank or validating party (1 ) compares said 
decrypted certain required information with previously recorded information in 
the possession of said bank or validating party to verify that the entity 
initiating the proposed transaction is an authorized entity and (2) atee 
compar e s tho transaction t i m e r e pr e s e nt e d by said d e crypt e d dat e /t i m e 
stamp w i th tho time of i ts rocoipt by said bank or val i dating party to 
d o t o rm i no if th o diff e rence, i f any, b e tw ee n sa i d tim e s i s w i thin a 
pr o d o t o rmin o d t i me l i m i t: and also determines from said decrypted time 
stamp if the proposed transaction meets a predetermined time limit; and 

(f) depending on the determination made in steps (e)(1) and 
(e)(2), said bank or validating party communicates either a validation or 
rejection of the proposed transaction to the entity who initiated the proposed 
credit card transaction. 

28. (currently amended) A method according to claim 27 wherein in step 
(c) said o ncryptod dato/t i mo stamp and e ncrypt e d certain requ i r e d 
i nformat i on ar e ePIN is transmitted to and received by said validating party, 
tho stops i n (o) steps (e)(1) and (e)(2) are carried out by the validating party, 
and in step (f) the validating party communicates said validation or rejection 
of the proposed transaction to said bank. 

29. (New) A method for conducting credit card transactions so as to guard 
against fraud, said method comprising steps as follows: 

(a) a credit card user who proposes to carry out a credit card 
transaction with a credit card issuer or a third party vendor initiates the 
transaction by accessing a computer program supplied by the credit card 
issuer or a party acting on behalf of said credit card issuer that is constructed 
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so as to (1) obtain a date/time stamp from a time source and (2) generate an 
encrypted ePIN comprising said date/time stamp and certain required credit 
card information identifying a credit card user; 

(b) said credit card user causes said computer program to 
generate an ePIN characterized by and comprising in encrypted form (1) 
credit card information provided by said user and (2) a date/time stamp 
obtained by said computer program in response to accessing of said 
computer program by said credit card user; 

(c) said ePIN is transmitted directly or via a third party vendor to a 
validating system authorized to validate credit card transactions on behalf of 
said credit card issuer; 

(d) said validating system decrypts said ePIN to derive the time 
represented by the decrypted date/time stamp and said credit card provided 
by said user; 

(e) said validating system (1 ) compares said decrypted credit card 
information with previously recorded user information to verify that the user 
initiating the proposed transaction is an authorized credit card user and (2) 
determines from the decrypted date/time stamp whether the proposed 
transaction is within a predetermined time limit; and 

(f) depending on the determinations made in foregoing steps 
(e)(1) and (e)(2), the validating system communicates either a validation or 
rejection of the proposed transaction to the credit card issuer and the party 
who initiated the proposed credit card transaction, and also to the third party 
vendor, if any. 

30. (New) A method according to claim 29 wherein said ePIN comprises 
in ehcrypted form a credit card number and also a non-public personal 
identification code. 
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31 . (New) A method according to claim 29 wherein step (c) also includes 
transmitting to the validating system other non-encrypted information relating 
to the identity of the party who initiates the transaction and/or to the subject 
matter of the transaction. 

32. (New) A method according to claim 4 wherein said computer program 
is installed on a personal computer containing a browser, and said encrypted 
personal identification number is transmitted to said authorized party via the 
internet using said browser. 

33. (New) A method according to claim 1 1 wherein said validating system 
receives said time-limited personal identification number via the internet. 

34. (New) A method according to claim 20 wherein said computer 
program is installed on a personal computer and said encrypted personal 
identification number is transmitted from said computer via said vendor to 
said party authorized by the credit card issuer to validate proposed credit 
card transactions. 
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